Details

Description

The @KerberosInfo annotation specifies the expected server and client principals for a given protocol in order to look up the correct principal name from the config. The NamenodeProtocol has the wrong value for the client config key. This wasn't noticed because most setups actually use the same value for for both the NN and 2NN principals (hdfs/_HOST@REALM), in which the _HOST part gets replaced at run-time. This bug therefore only manifests itself on secure setups which explicitly specify the NN and 2NN principals.